The Evolution Of GRC As Compliance And Risk Management Become More Complex

The core functionality of GRC has evolved in response to the need for a standardized and centralized data and process management structure supporting compliance and risk management functions in light of increasing complexity in both activities. As GRC further evolves into an enterprise platform, these capabilities cease to be solution differentiators, although they are no[…]

The Configurability of Workflows With GRC

The Configurability of Workflow In some cases, these capabilities represent very basic, generic understandings of a workflow in the abstract that do not match the specific processes of the organization in question. Even in tools focused on a specific function or application of GRC, the workflows used by the solution may not match the individual[…]

A Director’s View Of Risk: Opportunities For True Enterprise GRC

The increased complexity and stakes of risk and compliance have resulted in strengthened demand for an understanding of the risks that face an organization. While this raises the profile of compliance and risk management with corporate leadership, it also presents new challenges. Few directors or senior executives outside of risk and compliance management have in-depth[…]

The Building Blocks Of An Effective, Efficient & Agile Third-party Risk Management Program

This blog is an extract from the white paper Managing Risk & Compliance Across 3rd Party Relationships, written by Michael Rasmussen of GRC 20/20 Research. The paper, in its entirety, can be found by clicking here.   No company is an island. Organizations are a complex and diverse network of business relationships in which risk and[…]

Managing Risk & Compliance Across 3rd Party Relationships

This blog is an extract from the white paper Managing Risk & Compliance Across 3rd Party Relationships, written by Michael Rasmussen of GRC 20/20 Research. The paper, in its entirety, can be found by clicking here. DoubleCheck is a GRC solution that GRC 20/20 has researched, evaluated, and reviewed with organizations that are using it in[…]

SOX Compliance Solution Implementation Outcomes

SOX Compliance Solution Implementation Outcomes Having completed a full controls test management solution implementation from inception to user rollout in approximately 30 weeks, KBR reports an overall high level of satisfaction. This assessment is derived from reports with respect to a number of outcomes related to implementation processes and objectives, including: Timing: KBR completed its SOX[…]

SOX Compliance Solution Investment and Implementation Process Review

Arriving at the implemented solution from the recognition of investment need is the result of a journey that begins with scoping need and business case and ends with technical implementation and rollout. Invariably, these processes are complex. Often, they are long, extending to a year or more of effort. Notably, KBR accomplished all of these[…]

Business Value Observed In Audit Process Automation

Audit process automation addresses many of the issues associated with a traditional audit approach. In particular, a traditional audit approach does not adequately address the organizational complexity that the audit department faces. The traditional approach to an audit is spreadsheet-based and requires manual processes as data must be transferred from one best-of-breed solution to the[…]

SOX Controls Management and Best Practices in Compliance System Implementation

Governance, risk, and compliance (GRC) solutions provide value by helping organizations to manage the complexity of information management, process execution, and stakeholder coordination within complex compliance or risk management operations. However, as highlighted in Blue Hill Research’s July 2015 Benchmark Report Contributors to GRC Implementation Success: Avoiding Worst- Case Scenarios, the value offered by these[…]

Top